Alessandrogario

**Name of the Vulnerable Software and Affected Versions** osquery versions 2.9.0 through 4.2.0 **Description** The issue is related to incorrect validation of the TLS SNI hostname, which could allow an attacker to perform a man-in-the-middle (MITM) attack on osquery traffic when a root chain of trust is not configured. This could potentially affect osquery communications. **Recommendations** For osquery versions 2.9.0 through 4.2.0, update to version 4.2.0 or later to resolve the issue.